jvlstuff / JavaVulnerableLab

lab
GNU General Public License v2.0

CX Absolute_Path_Traversal @ src/main/webapp/vulnerability/idor/download.jsp [refs/heads/master] #198

Open github-actions[bot] opened 2 years ago

github-actions[bot] commented 2 years ago

Absolute_Path_Traversal issue exists @ src/main/webapp/vulnerability/idor/download.jsp in branch refs/heads/master

Method request.getParameter at line 11 of src\main\webapp\vulnerability\idor\download.jsp gets dynamic data from the "file" element. This element’s value then flows through the code and is eventually used in a file path for local disk access in = at line 18 of src\main\webapp\vulnerability\idor\download.jsp. This may cause a Path Traversal vulnerability.

Severity: Medium

CWE:36

Vulnerability details and guidance

Checkmarx

Training Recommended Fix

Lines: 11


Code (Line #11):

            filePath = request.getParameter("file");

github-actions[bot] commented 2 years ago

Issue still exists.